1890e52bd61e508b5c708b52ad8454a1[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1890e52bd61e508b5c708b52ad8454a1.bin
Size

178KB
MD5

e891cfd153f23e52e6f7557cdcf0332f
SHA1

f342ccaf0de652152dfc9eaeda1504a2f1c6541f
SHA256

892040d068fc856426dafd7a2665bc3c38d073759c928844af64d3b891765cae
SHA512

e7a154cf5f781f247bf160857209f76bcaf392956b1f00f2fa7f6386294813da3e16b8e135c3d966b73c78b19a08b391dbf9add9927884e1de64b42b076f7697
SSDEEP

3072:Te4vAD2kwf1Xl9LHBlRDkfLso++Z9Gcts+nzuidXDYL7x6+usHXqg4Kc4I2n:kqkOXl9bBLMLso++BbnzrXDYhSs34of

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/35d23e9a49bfe87f8b77d79e2d8b5a5f32d5f0cda5c4ab0cd3a7522e6455f446.exe

Files

1890e52bd61e508b5c708b52ad8454a1.bin
.zip

Password: infected
35d23e9a49bfe87f8b77d79e2d8b5a5f32d5f0cda5c4ab0cd3a7522e6455f446.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\9cdtov\obj\Release\QQf.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 179KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ